Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apply new, more generic analysis format #503

Merged
merged 8 commits into from
Apr 28, 2021
Merged

apply new, more generic analysis format #503

merged 8 commits into from
Apr 28, 2021

Conversation

kscieslinski
Copy link
Contributor

@kscieslinski kscieslinski commented Apr 8, 2021
edited
Loading

Added dumps_metadata so that Karton instances that process analysis won't need to rely on the filename format of the memory dumps. I've also changed the bindings and task headers of karton.drakrun-prod and karton.drakrun.processor.

@chivay chivay marked this pull request as draft April 12, 2021 11:37
@kscieslinski kscieslinski changed the title [DRAFT] apply new, more generic analysis format apply new, more generic analysis format Apr 27, 2021
@kscieslinski kscieslinski marked this pull request as ready for review April 27, 2021 09:40
@kscieslinski kscieslinski requested a review from chivay April 27, 2021 09:50
chivay
chivay requested changes Apr 27, 2021
View reviewed changes
Copy link
Collaborator

@chivay chivay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the state of other karton systems that rely on current dumps format?
This is a breaking change so we should be very careful.

Moreover, this PR should also address:
https://github.com/CERT-Polska/drakvuf-sandbox/blob/master/drakrun/drakrun/regression.py#L75-L88

drakrun/drakrun/main.py Outdated Show resolved Hide resolved
drakrun/drakrun/main.py Show resolved Hide resolved
@kscieslinski
Copy link
Contributor Author

Thanks for linking the regression tester – I've missed that! Regarding other karton systems that rely on current dumps format I'm currently only adding additional information and I'm not removing anything at this stage, so it should be fine.

@chivay
Copy link
Collaborator

chivay commented Apr 27, 2021
edited
Loading

Oh, OK. I somehow misread that now we're putting only dumps into dumps.zip without metadata

@chivay chivay self-requested a review April 27, 2021 15:15
@chivay chivay linked an issue Apr 28, 2021 that may be closed by this pull request
Output task reconfiguration #523
Closed
@kscieslinski kscieslinski merged commit 4a9e713 into master Apr 28, 2021
@kscieslinski kscieslinski deleted the analysis-format branch April 28, 2021 10:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chivay chivay chivay approved these changes

@icedevml icedevml icedevml approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Output task reconfiguration
3 participants
@kscieslinski @chivay @icedevml